CVE-2024-45739: Sensitive information disclosure in AdminManager logging channel
First published: Mon Oct 14 2024(Updated: )
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.
Credit: prodsec@splunk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Splunk | >=9.1.0<9.1.6 | |
| Splunk | >=9.2.0<9.2.3 | |
| Splunk | =9.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-45739?
CVE-2024-45739 is considered a medium severity vulnerability due to the potential exposure of plaintext passwords.
How do I fix CVE-2024-45739?
To fix CVE-2024-45739, upgrade your Splunk Enterprise installation to version 9.3.1, 9.2.3, or 9.1.6 or later.
What versions of Splunk are affected by CVE-2024-45739?
CVE-2024-45739 affects Splunk Enterprise versions prior to 9.3.1, 9.2.3, and 9.1.6.
What is the risk associated with CVE-2024-45739?
The risk associated with CVE-2024-45739 is that it could allow unauthorized access to sensitive user credentials.
Can CVE-2024-45739 lead to a data breach?
Yes, if exploited, CVE-2024-45739 could potentially lead to a data breach due to exposed plaintext passwords.
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- agent/event
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/splunk
- canonical/splunk
- version/splunk/9.1.0
- version/splunk/9.2.0
- version/splunk/9.3.1